It takes two: The 2025 Sophos Active Adversary Report
The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you
Similar Posts
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
Bys sAndroid devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users’ knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University…
Why top SOC teams are shifting to Network Detection and Response
Bys sSecurity Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
Bys sCybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call…
UK: Oxford City Council still investigating cyberattack from earlier this month
Bys sThe home page of Oxford City Council displays an alert: “Disruption to ICT systems and services: We have been experiencing issues with some of our services following a cyber security incident. Most systems are now back online. Thank you for your patience as we work through any backlogs.” The full notice indicates that they experienced…
Beyond the kill chain: What cybercriminals do with their money (Part 5)
Bys sIn the last of our five-part series, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes
Hackers post stolen St. Paul data online as efforts to reset city employee passwords surge forward
Bys sMayor Melvin Carter said a hacker group on Monday posted 43 gigabytes of stolen data taken from server of St. Paul Parks and Rec Department. The InterLock ransomware group claims responsibility for the attack and leak. Rob Olson reports: For the second day, a steady stream of St. Paul employees streamed in and out of……